Key Takeaways
- Most “AI malware” observed so far falls into the AI malware Maturity Model (AIM3) Levels 1-3 (Experimenting through Optimizing), rather than fully automated campaigns.
- AI is currently a force multiplier on existing attacker tradecraft, not a source of fundamentally new TTPs.
- Many “first-ever AI malware” announcements are narrow research demos or PoCs with limited autonomy and unclear real-world impact.
- Public reporting shows no confirmed examples of truly embedded, Bring-Your-Own-AI (BYOAI) malware running its own local model on victim hosts.
- Defenders should prioritize monitoring abuse of legitimate AI services, hardening existing controls, and mapping threats to AIM3 levels rather than overreacting to sci-fi scenarios.
